Allow to pass ImagePullSecrets to Kubernetes pods
This is currently only supported for the Openshift driver but it's quite useful (and needed) for the Kubernetes driver as well. The implementation follows the same strategy as for the OpenShift driver by allowing to set the key to the Pod labels. One caveat is that this exects the secret to exist in the namespace, therefore, some external mechanism needs to take care of creating such secret there. Change-Id: I976290e72cd59c335f6bef22e364a4d5c0a7b554
This commit is contained in:
parent
0a858c4be8
commit
205d9f3b77
|
@ -224,6 +224,23 @@ Selecting the kubernetes driver adds the following options to the
|
|||
that this field contains arbitrary key/value pairs and is
|
||||
unrelated to the concept of labels in Nodepool.
|
||||
|
||||
.. attr:: image-pull-secrets
|
||||
:default: []
|
||||
:type: list
|
||||
|
||||
The imagePullSecrets needed to pull container images from a private
|
||||
registry.
|
||||
|
||||
Example:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
labels:
|
||||
- name: pod-fedora
|
||||
image: docker.io/fedora:28
|
||||
image-pull-secrets:
|
||||
- name: registry-secret
|
||||
|
||||
.. attr:: python-path
|
||||
:type: str
|
||||
:default: auto
|
||||
|
|
|
@ -49,6 +49,7 @@ class KubernetesPool(ConfigPool):
|
|||
pl.type = label['type']
|
||||
pl.image = label.get('image')
|
||||
pl.image_pull = label.get('image-pull', 'IfNotPresent')
|
||||
pl.image_pull_secrets = label.get('image-pull-secrets', [])
|
||||
pl.python_path = label.get('python-path', 'auto')
|
||||
pl.shell_type = label.get('shell-type')
|
||||
pl.cpu = label.get('cpu', self.default_label_cpu)
|
||||
|
|
|
@ -341,7 +341,8 @@ class KubernetesProvider(Provider, QuotaSupport):
|
|||
container_body['resources'] = resources
|
||||
|
||||
spec_body = {
|
||||
'containers': [container_body]
|
||||
'containers': [container_body],
|
||||
'imagePullSecrets': label.image_pull_secrets,
|
||||
}
|
||||
|
||||
if label.node_selector:
|
||||
|
|
Loading…
Reference in New Issue